Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks

October 12, 2023 at 07:39AM Chinese company Yifan’s industrial routers are vulnerable to critical security flaws, according to Cisco’s Talos. Yifan was given 90 days to release patches, but none have been issued. The flaws can allow attackers to execute arbitrary commands, change admin credentials, and access devices with admin privileges. All vulnerabilities can be …

Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack

October 12, 2023 at 07:28AM Microsoft Defender for Endpoint successfully stopped a large-scale remote encryption attempt by the Akira ransomware group targeting an industrial organization in June 2023. The attack involved devices not protected by Microsoft Defender and included reconnaissance and lateral movement activities. Microsoft’s automatic attack disruption feature prevented breached accounts from accessing endpoints …

A Frontline Report of Chinese Threat Actor Tactics and Techniques

October 11, 2023 at 12:09AM Microsoft analysts and researchers analyze trillions of signals daily to uncover emerging threats and provide timely security insights. They focus on nation-state groups to understand their activities within geopolitical trends. With the shift to remote work due to COVID-19, cybercriminals are exploiting system vulnerabilities and misconfigurations to access sensitive resources …

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

October 10, 2023 at 02:36PM Microsoft released a large batch of software and OS updates to address over 100 vulnerabilities across Windows systems. They warned that three of these vulnerabilities are already being exploited. The updates also targeted a zero-day vulnerability in HTTP/2 Rapid Reset that exposed the internet to DDoS attacks. Two other zero-day …